Blob Blame History Raw
From fb2bd72a49496d10c4860102b7c26b9bc8adff70 Mon Sep 17 00:00:00 2001
From: 4ugustus <wangdw.augustus@qq.com>
Date: Tue, 8 Mar 2022 16:22:04 +0000
Subject: [PATCH] (CVE-2022-0909) fix the FPE in tiffcrop (#393)

(cherry picked from commit 32ea0722ee68f503b7a3f9b2d557acb293fc8cde)
---
 libtiff/tif_dir.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
index c36a5f3f..f126f2aa 100644
--- a/libtiff/tif_dir.c
+++ b/libtiff/tif_dir.c
@@ -320,13 +320,13 @@ _TIFFVSetField(TIFF* tif, uint32 tag, va_list ap)
 		break;
 	case TIFFTAG_XRESOLUTION:
         dblval = va_arg(ap, double);
-        if( dblval < 0 )
+        if( dblval != dblval || dblval < 0 )
             goto badvaluedouble;
 		td->td_xresolution = TIFFClampDoubleToFloat( dblval );
 		break;
 	case TIFFTAG_YRESOLUTION:
         dblval = va_arg(ap, double);
-        if( dblval < 0 )
+        if( dblval != dblval || dblval < 0 )
             goto badvaluedouble;
 		td->td_yresolution = TIFFClampDoubleToFloat( dblval );
 		break;